Canadian TV, Computing and Home Theatre Forums banner

VPN/OpenVPN questions to facilitate remote access

3K views 9 replies 4 participants last post by  Wayne 
#1 ·
I have tried googling for info on running OpenVPN but I can't find the type of info that I am looking for.

I want to be able to access my home LAN and resources on my LAN from mobile devices like an iPhone and iPad. Occasionally I will also want to connect to the VPN from my laptop although this would happen less frequently. I can do some of this today with port forwarding but I think it would be a lot easier and I could do more if I had a VPN.

My other use case is also to facilitate connecting my European based Virtual Private Server(VPS) to my LAN. My VPS runs Ubuntu and I would like to be able to mount drives to facilitate copying files from files on my home PC(s) to the VPS. I can use FTP to do this today but I would think it would be more convenient to have a more persistent type of mounting, like NFS, SAMBA, etc.

Do I need to install OpenVPN on my router?
Is the router then the OpenVPN server?
Or does that just facilitate the connection to the VPN?
If the router isn’t the VPN server then do I install VPN server software on one of the PCs on my LAN?
Do I then install OpenVPN client on other devices like iPad, iPhone, laptop and my VPS?
When I am connected via VPN do my VPN clients then get IPs on my local subnet - ie in the 192.168.1.X range?

Can anyone suggest a tutorial/guide on these issues?
 
See less See more
#2 ·
what are you using as your router? I'm not a networking expert but I have been messing around with them for many years. In my opinion the simplest way to achieve this would be using a router with openvpn server capabilities. I would start by checking if your router does. If it is able to run an open firmware such as tomatoUSB or ddwrt that's even better and there are lots of guides on the net for how to do this.

Here is one for tomatoUSB routers:
http://www.serverwatch.com/tutorial...Up-a-VPN-Server-on-a-Tomato-Router-Part-1.htm

If this is not an option then yeah, I think it is possible to install a software openvpn server but then that means that this machine must always be on to be able to access the VPN from the outside.

And yes, you will also need to install clients on the devices that will connect to the VPN (not sure if it exists for iOS but I'm guessing it does, but I can confirm that it does on Android as I use it on my phone).
 
#3 ·
My router is an Asus RT-N66U. It is currently running the stock firmware which does not have OpenVPN capabilities - but I think newer versions of the Asus firmware does.

However I am going to install Merlin which does support OpenVPN. But that is only one piece of the overall question. Sof if I have OpenVPN running on my router what else do I need on my LAN? Do I still need OpenVPN server running on a PC or is the router acting as the server allowing connections to my other PCs, shared drives, etc.
 
#5 ·
I cannot speak for Merlin as I've never tried it but Ive been running shibby's TomotoUSB on my Asus Rt-N16 pretty much since the second day I have it. At the time it was like getting a brand new router as it was much more stable. The stock Asus firmware was horrible at the time. If your VPN server is correctly setup in the router then no you should not have to do anything on the LAN or machines on the LAN itself, only on the devices that will be connecting to the VPN from the outside.

Also I've checked and there does seem to be an openVPN client for iOS.
https://itunes.apple.com/ca/app/openvpn-connect/id590379981?mt=8
I can't comment on it though as I've got no Apple products but it's made by OpenVPN Technologies themselves so should be good.
 
#4 ·
OpenVPN is available for Linux, Android & Windows. Not sure about any Apple gear. If your router doesn't support OpenVPN, then you'd have to install it on a computer behind it and then use port forwarding. However, this means you'll have to configure routing on your home network to send tunnel traffic in the appropriate direction. If you can run it on your firewall, you shouldn't have to do anything on your LAN, as the router will automagically route the traffic in the appropriate manner.
 
#6 ·
Ok great, so I just have to get OpenVPN working on the router and I am good.

I used to have an Asus RT-N16 running dd-wrt but I found it a pain in the butt to figure out what build of dd-wrt to use and it also caused some minor issues when I went to it with stuff like streaming Netflix to iPads.

The stock Asus firmware is pretty good. Merlin is very similar to the Asus firmware with a few additions for stuff like OpenVPN. It doesn't give you everything that Tomato, dd-wrt give you but it gives you pretty much everything that you need unless you are getting very fancy.
 
#8 ·
So to answer some of my questions in case anyone else is interested:

You can install and run OpenVPN server on an Asus RT-N66U router running Merlin firmware. The router can now generate keys following these instructions: https://github.com/RMerl/asuswrt-merlin/wiki/Generating-OpenVPN-keys-using-Easy-RSA

Most of the tutorials on the web for firmware like Tomato are out of date as they direct you to install OpenVPN on a PC, generate keys and then transfer the keys over to your router.

After generating keys on the router/server I was able to export an .ovpn file from the router to PC that I emailed to myself. When you open this attachment on the iPad it installs the certificate on the iPad. Voila - I was able to connect to the LAN on my iPad with Wifi shutoff and using an LTE connection so I am able to get the VPN working, at least with an iPad as a client.
 
#10 ·
About 5 minutes or so. I believe this router has an 800 MHz CPU/SoC. Everything else was instantaneous.

The only issue right now is that these files are all in /tmp mounts (is that the right term?) and will get blown away on a router reboot. But I have backed them up to my PC using WinSCP.
 
This is an older thread, you may not receive a response, and could be reviving an old thread. Please consider creating a new thread.
Top